SPINDLEY et al 
Serial No. 09/171,960 



REMARKS 

Reconsideration of this application is respectfully requested. Upon entry of this 
amendment, claims 1-17 and 21-23 are pending. By the present amendment, claims 1,2, 
8, 13, 14, 15, 21 and 23 have been amended. 

Entry of this amendment is proper because the amendments do not raise any new 
issues requiring further search and/or consideration. In particular, without acquiescing in 
the objection to the previous amendment, and in an effort to expedite prosecution on the 
merits, the claims have been amended to remove reference to higher and lower level 
processors, thereby more closely conforming the claims to those originally filed. 
Moreover, it is respectfully submitted that the feature of a higher and/or lower level 
processor is not necessary to distinguish the claims from the cited references, as 
discussed in detail below. Accordingly, entry of the amendment is proper, which action 
is earnestly solicited. 

The rejection of claims 1-17 and 21-23 under 35 U.S.C. §103(a) over Clarke et al. 
(U.S. Patent No. 5,550,914, hereinafter "Clarke") in view of Weisser (WO 95/35633) is 
respectfully traversed. Without acquiescing in the rejection and to obviate the objection 
to the previously amended claims, claims 1, 2, 8, 13, 14, 15, 21 and 23 have been 
amended. Accordingly, the rejection will be discussed with respect to the amended 
claims. 
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The present invention performs security checking of incoming messages at a "low- 
level" (e.g., layer 2 in the SS7 terminology). The reason for doing this is that there is 
some dedicated simple processing equipment for performing this low level processing 
(the layer 2 processing) at each link connection to the node. By performing the security 
processing at this level, the additional load is distributed among the different sets of 
(layer 2) processing equipment rather than placing the entire load on the smaller number 
of main processors (which perform all higher layer processing). When the load is 
distributed among the different (layer 2) sets of processing equipment, the increased load 
on each set is small and the consequent reduction in performance of the node as a whole 
is small. When the load is placed entirely on the main processors), there is a significant 
reduction in performance of the main processor(s) resulting in a significant reduction in 
performance of the node as a whole. This is at least one reason why prior art techniques - 
such as that described in Weisser - have not been adopted thus far by the industry. 

Clarke is directed to a communications siganlling network apparatus. Clarke 
discloses a message interceptor that is interposed in a link of a communications signalling 
network such as an SS7 network. The interceptor purportedly separately maintains the 
link level protocols on the two portions of the link with which it interfaces. Message data 
is transferred across between the ling portions by a transfer circuit of the interceptor. In 
the course of this transfer, the nature of the data is checked by a selective action control 
circuit against selection criteria held in a store. If a selection criteria is met, the control 
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circuit acts to suppress or modify the data. It is noted that the characterization in the 
Office Action of Clarke is incorrect as noted herein. 

Significantly, there is no teaching or suggestion anywhere in Clarke of the 
specifically recited comparison and overwrite or corrective action features of the claimed 
invention. In particular, the selective action control circuit of Clarke acts to supress (le. y 
block) the transfer of such contents onward (see, e.g., Col. 8, lines 36-56, especially lines 
49-56). The data modification circuit of Clarke does not overwrite the data of the control 
field or take any corrective action as set forth in the claims. Instead, and quite to the 
contrary, the data modification circuit does exactly what its title implies, i.e., it modifies 
the data, it does not overwrite the control field with a value from a subset of a plurality of 
possible values or correct it. For example, the purpose of the data modification circuit of 
Clarke is to effect modification of the permissible MSU data transferred out of the 
register to the buffer. Examples of such data modification include encryption or 
decryption of the message, etc. (see, e.g., Col. 11, lines 10-16). 

In summary, Clarke discloses either blocking the message entirely if it is 
impermissible, or, alternatively, modifying the message in a complex manner if the 
message is permissible, but requires some processing to be carried out on it (e.g., to 
perform encryption or decryption of the message). It is important to note that the 
modification of data only occurs if the data has been deemed permissible. There is no 
teaching or suggestion anywhere in Clarke of modifying or correcting impermissible data. 
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The only action taken according to Clarke upon the detection of impermissible data is to 
block such data from being transferred. The impermissible data is not overwritten or 
corrected. The modification of Clarke is only selective in that not all data transferred by 
the transfer circuit will require modification (see, e.g., Col. 10, lines 45-48). 

Moreover, the Office Action suggests that Clarke provides a motive for using the 
operating node to communicate between two related but separate network infrastructures, 
and thus it would have been obvious to apply this solution to an external network. This 
reasoning is incorrect. The two networks referred to in Clarke are the signalling network 
and the telephone network. The signalling network carries signalling messages and the 
telephone network carries voice data. No messages are carried from one network to the 
other. They operate in strict parallel. Thus, Clarke cannot suggest the idea of performing 
a simple check and replace step at the boundary between an external and a self-controlled 
network across which messages flow from one network to the other as set forth in the 
claimed invention. 

Weisser is directed to the mediation of traffic in an advanced intelligent network. 
While Weisser describes a comparison, it is silent as to where (e.g., at a high level or at a 
low level) the comparison takes place. However, one skilled in the art would 
immediately recognize that such a comparison must take place at the high level because: 
1) this is conventionally where such comparison is performed in this type of system; 2) 
the described process involves generating random numbers, and storing these in a 
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database together with data derived from the incoming messages (generating random 
numbers and storing data in a database are processes generally performed by high level 
processors); and 3) there are suggestions that the described process could also involve 
investigating fields which are part of a higher than layer 2 layer (see, e.g., at page 15, 
lines 5 to 7), it lists all of the layer 2 parameters and then states that it "may check for the 
validity of other selected parameters." This would involve investigating inside the layer 
2 "envelope" which is something which would typically not be done by a low-layer (layer 
2) processor but rather by the high level main processor. 

Thus Weisser is distinguished from the present invention (all claims) where the 
comparison is performed at a low level. In short, Weisser does not teach performing a 
compare and rectify process as part of a low level process prior to higher level processing 
on the same node. Instead, Weisser suggests performing a much more complex 
substitution process as part of a high level process. As noted above, this approach leads 
to the disadvantages that are overcome by the claimed invention, namely, performing a 
simple process as part of an already existing low level process. Moreover, it is apparent 
from the approach suggested by Weisser, that Weisser teaches away from the solution of 
the present invention. 

Thus, it is respectfully submitted that Weisser does not overcome the fundamental 
deficiencies of Clarke. Moreover, Clarke is entirely inapplicable to the pending claims 
and as such, there is no motivation to combine the teachings of Clarke and Weisser. 
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However, even if, arguendo, the combination of Clarke and Weisser were proper, the 
combination nevertheless fails to render the claimed invention obvious. Weisser fails to 
overcome the deficiencies of Clarke noted above, and Weisser also teaches away from 
the claimed invention and does not overcome the disadvantages of the prior art or provide 
the advantages of the claimed invention. Therefore, reconsideration and withdrawal of 
the rejection are respectfully requested. 

In view of the foregoing, it is respectfully submitted that the entire application is 
in condition for allowance. Favorable reconsideration of the application and prompt 
allowance of the claims are earnestly solicited. 

Should the Examiner deem that further issues require resolution prior to 
allowance, the Examiner is invited to contact the undersigned attorney of record at the 
telephone number set forth below. 



USG:dbp 

1 100 North Glebe Road, 8th Floor 
Arlington, VA 22201-4714 
Telephone: (703) 816-4000 
Facsimile: (703) 816-4100 



Respectfully submitted, 



NIXON & VANDERHYE P.C. 




TJpdeep S. Gill 
Reg. No. 37,334 
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MARKED-UP VERSION OF AMENDED CLAIMS 

1 . (Twice Amended) A method of operating a node in a communications 
network, which node is in use connected to signal sources external to the communications 
network via respectively corresponding links, [each link having an associated low level 
processor feeding signals to one or more higher level processor within the node, there 
being fewer higher level processors than low level processors,] the method comprising: 

a) receiving [at each low level processor] from a respective signal source 
signals which include a control field, which control field takes one of a plurality of 
possible values, and the subsequent handling of the said signal by the network being 
controlled according to the value of the control field; 

b) within a lower level of a messaging protocol [running on the low level 
processors of the node], and prior to the processing of the signal by higher level functions 
[running on a higher level processor of the node], overwriting the control field with a 
value from a restricted subset of the plurality of possible values; and 

c) subsequently processing the signal in the network in dependence upon the 
said value from the restricted subset of the plurality of possible values. 

2. (Twice Amended) A method of operating a communications network 
comprising: 

a) communicating control signals between nodes of the network via 
respectively corresponding links[, each link having an associated low level processor 
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feeding signals to one or more higher level processor within the node, there being fewer 
higher level processors than low level processors,] which control signals conform to a 
predetermined signalling protocol; 

b) at one of the said nodes, receiving [at a low level processor] from a signal 
source external to the network signals conforming to the said predetermined protocol and 
including a control field, which control field takes one of a plurality of possible values; 

c) within said lower level of a messaging protocol running on the node, and 
prior to the processing of the signal by higher level functions running on the node 
overwriting the control field with a value from a restricted subset of the plurality of 
possible values; and 

d) subsequently processing the signal in the network in dependence upon the 
said value from the restricted subset of the plurality of possible values. 

8. {Twice Amended) A node suitable for connection in a communications 
network and comprising: 

a) a network interface for connection to the communications network; 

b) a signal interface for connection to a signal source external to the 
communications network via respectively corresponding links[, each link having an 
associated low level processor feeding signals to one or more higher level processor 
within the node, there being fewer higher level processors than low level processors]; 
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c) means connected to the signal interface for overwriting, within a lower 
level of a messaging protocol [at a low level processor], a control field in a signal 
received via the signal interface from the signal source with one of a subset of 
predetermined values; and 

d) signal processing means for processing the said signal in dependence upon 
the said one of a subset of predetermined values. 

13. (Twice Amended) A method of operating a node in a communications 
network, which node is in use connected to a signal source external to the 
communications network via respectively corresponding links, [each link having an 
associated low level processor feeding signals to one or more higher level processor 
within the node, there being a fewer higher level processors than low level processors,] 
the method comprising: 

a) receiving [at a low. level processor] from the said signal source signals 
which include a control field, which control field takes one of a plurality of possible 
values, and the subsequent handling of the said signal by the network being controlled 
according to the value of the control field; 

b) overwriting the control field at a low level [processor] process with a value 
from a restricted subset of the plurality of possible values; and 

c) subsequently processing the signal in the network in dependence upon the 
said value from the restricted subset of the plurality of possible values. 
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14. {Twice Amended) A method of operating a communications network 
comprising: 

a) communicating control signals between nodes of the network via 
respectively corresponding links, [each link having an associated low level processor 
feeding signals to one or more higher level processor within the node, there being fewer 
higher level processors than low level processors,] which control signals conform to a 
predetermined signalling protocol; 

b) at one of the said nodes, receiving at a low level [processor] process from a 
signal source external to the network signals conforming to the said predetermined 
protocol and including a control field, which control field takes one of a plurality of 
possible values; 

c) overwriting at a low level [processor] process the control field with a value 
from a restricted subset of the plurality of possible values; and 

d) subsequently processing the signal in the network in dependence upon the 
said value from the restricted subset of the plurality of possible values. 

15. (Twice Amended) A method of operating a node in a communications 
network, which node is in use connected to a signal source external to the 
communications network via respectively corresponding links, [each link having an 
associated low level processor feeding signals to one or more higher level processor 
within the node, there being fewer higher level processors than low level processors,] the 
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node including a data link layer interface arranged to respond to service request from 
network layer functions of the node and to issue service requests to the communications 
network the method comprising: 

a) receiving [at a low level processor] from the said signal source signals 
which include a control field, which control field takes one of a plurality of possible 
values, and the subsequent handling of the said signal by the network being controlled 
according to the value of the control field; 

b) within the data link layer interface at a low level [processor] process 
overwriting the control field with a value from a restricted subset of the plurality of 
possible values; and 

c) subsequently processing the signal in the network in dependence upon the 
said value from the restricted subset of the plurality of possible values. 

21 . (Amended) A method of operating a node in a communications network, 
said node being connected via a plurality of links to a corresponding plurality of 
neighboring nodes so as to receive messages transmitted from the neighboring nodes, 
each message including a plurality of fields, [said node having a corresponding plurality 
of low level processing means, each of which is associated with at least one of the 
plurality of links, and said node further including higher level processing means,] the 
method comprising: 
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[each] a low level [processing means] process comparing one or more of the fields 
of each of the incoming messages received on its respective link with prestored 
permissible values for each respective field and, in the event that at least one field holds 
an impermissible value, taking corrective action; 

wherein incoming messages which have been processed by the low level 
[processing means] process are forwarded to [the] a higher level [processing means] 
process for further processing and wherein the higher level [processing means] process 
receives processed messages from a plurality of the low level [processing means] 
processes . 

23. (Amended) A node suitable for connection in a communications network 
and comprising: 

a common high level [processor] process or group of [processors] processes ; 

a network interface for connection to the communications network; 

an external interface for connection to nodes external to the communications 
network via respectively corresponding links for receiving messages therefrom; and 

a plurality of low level [processors] processes [connected to the external interface 
and] operable to process messages received from the external nodes and to feed the 
processed messages on to the common high level [processor] process or group of 
[processors] processes , each low level processor being operable to compare at least one 
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field within each message received with a set of permissible values for that field and to 
take corrective action in the event that the comparison indicates that the field contains an 
impermissible value. 
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